Skip to content

Briefing

Crypto hack

Cyber theft of customer records hits Coinbase ahead of S&P 500 inclusion

Make us a preferred source

Link copied

The news: Coinbase, the largest US crypto exchange, said hackers bribed contractors and employees working in support roles outside the US to steal customer data and demanded a USD20 million ($31.25 million) ransom, just days before the company is set to join the S&P 500.

The criminals accessed names, addresses, emails, account data and images of government-issued ID documents of a “small subset” of customers, but did not obtain passwords, keys or funds, it said.

Less than 1% of monthly transacting users were affected, and Coinbase said it will reimburse customers who were tricked into sending funds.

What they said: The company’s co-founder Brian Armstrong in a social media post said it will not pay the ransom and instead offered a USD20 million reward for information leading to the attackers’ arrest and conviction.

The attackers had approached overseas customer support agents with bribes as part of a social engineering campaign, he said. Coinbase said those involved were fired, and it is opening a new support hub in the US while increasing security controls for affected users.

The numbers: The incident could cost the San Francisco-based firm between USD180 million and USD400 million in remediation costs and voluntary reimbursements.

Coinbase shares fell as much as 8.83% on the news. Still, they remain 24% higher for the week, buoyed by Monday’s announcement from S&P Global that the company will be added to the US market benchmark.


By Paulina Durán